aurora | 6a1d6f9f0d9f038b6bc64ee8d383143d[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

6a1d6f9f0d...3d.exe

windows7-x64

6a1d6f9f0d...3d.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6a1d6f9f0d9f038b6bc64ee8d383143d.exe

Resource

win7-20230220-en

aurora spyware stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

6a1d6f9f0d9f038b6bc64ee8d383143d.exe

Resource

win10v2004-20230220-en

aurora spyware stealer

windows10-2004-x64

5 signatures

150 seconds

General

Target

6a1d6f9f0d9f038b6bc64ee8d383143d.exe
Size

8.1MB
MD5

6a1d6f9f0d9f038b6bc64ee8d383143d
SHA1

5681bfc4587c40695e99daec0c75bef7946627c8
SHA256

459a3e9ef30e59ff28934170719d805ee5f05c44d8bd61f4fd8ed1e70047aa1c
SHA512

b640bbf2e72cacb73c97ed9ab3848d236e46909395f41b7ca77bfb796a12e3ba193d976aaf4f28cb373528297fbd8e30fa644e2377d7797e00cd1dce0a67b1c1
SSDEEP

98304:SdjxunlgScTvilUJQ38e8dR2SfX6IODGfL112bfaTl:SdjxClgSc7ilieK9X6I4GBAbfwl

Score

10^/10

aurora

Malware Config

Signatures

Aurora family
aurora

Files

6a1d6f9f0d9f038b6bc64ee8d383143d.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8.1MB - Virtual size: 8.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy